“Non-personal Information” refers to any non-personal information collected from End-Users pursuant to their use of the Services, including but not limited to the browser name, the type of computer and technical information about End-Users means of connection to the Services such as the operating system, the Internet service providers utilized and other similar information.
“Personal Information” refers to any information that identifies or can be used to identify, contact or locate the person, to whom such information pertains including, but not limited to, when End-Users register, conclude a transaction, respond to a survey, fill out a form, and anything else in connection with the Services.
Sensitive Personal Data or Information (“SPDI”) consists of information relating to the following:
- financial information such as bank account or credit card or debit card or other payment instrument details;
- physical, physiological and mental health condition;
- medical history;
- any detail relating to the above clauses or any other sensitive personal data or information as provided to Ultrahuman for providing the Service; and
- any of the information received under above clauses by body corporate for processing, stored or processed under lawful contract or otherwise.
“Third Party” refers to any person or entity other than you or us.
INFORMATION THAT WE COLLECT:
For the purposes of creation of a User Account on the platform, End-Users will be required to disclose information including personal contact details. The type of Information collected from an End-User varies based on the interaction with the platform and preferred use of the Services. During the creation of a User Account, we may collect information such as your name, telephone number, email address, residential/commercial address and other Information. In some situations, we may also require you to disclose demographic information including gender, age, education and other information relevant to the provision of Services.
If you access or use the Services without creation of a User Account on the platform, we may still gather and store certain Non-personal Information about your visit. This information does not identify you personally and cannot be linked back to you unless you decide to identify yourself. If you are using our Services, we may collect the following Non-Personal Information: IP address, the type of browser and operating system used to access our Services, the date and time you accessed our Services and if you were linked to our Services from another website, the address of that website as well as additional information related to your visit may be collected. We may also collect certain Information that our End-Users provide such as inter alia e-mail addresses of End-Users who communicate with us via e-mail and their country including IP addresses.
Ultrahuman collects SPDI only voluntarily and knowingly provided by its End-Users. In order to assess and customize user experience, Ultrahuman may collect other information from its End-Users including weight, height, location, nutrition data, workouts, physical activity, photographs, and sleep habits and we may collect other sleep, activity, or health-related information as our Services are further developed. You can choose not to provide us with certain information, but then you may not be able to register with us or to take advantage of some of our features / Services.
End-Users may give us the ability to import information about their health and activities from third-party services such as Apple HealthKit. Such imported Personal Information may include heartbeat rate and other data about their health. In order for Ultrahuman to process any Personal Information under this category, Ultrahuman will explicitly ask End-User's consent on the registration screen. Ultrahuman will not use the information gained through your use of the Apple HealthKit framework for advertising or similar services, or sell it to advertising platforms, data brokers, or information resellers.
To access the Ultrahuman Premium Services, End-Users may be required to make a digital payment. In order to collect the subscription fee from our End-Users to access and use the premium Services, we may collect debit/credit card information or other sensitive personal financial information of End-Users. Ultrahuman undertakes to protect the SPDI provided by you in accordance with reasonable security practices and procedures and undertakes not to transfer or disclose your SPDI to a Third Party for any purpose without your prior consent. However, it is important that if you detect any scam or fraudulent activity wherein any Third-Party tries to wrongfully gain access to your financial information in the garb of providing access to use our Services, please immediately report the matter to your local authorities and write to us at email@example.com.
You may also register for a User Account using your existing Apple or Google account and log-in credentials (your “Third-Party Site Accounts”). As part of the functionality of the Services, you may link your account with Third Party Site Accounts, by either: (i) providing your Third Party Site Account login information to us through the Services; or (ii) allowing us to access your Third Party Site Account, as is permitted under the applicable terms and conditions that govern your use of each Third Party Site Account. As part of the functionality of the Services, you may link your account with Third Party Site Accounts, by either: (i) providing your Third Party Site Account login information to us through the Services; or (ii) allowing us to access your Third Party Site Account, as is permitted under the applicable terms and conditions that govern your use of each Third Party Site Account. You represent that you are entitled to disclose your Third Party Account login information to us and/or grant us access to your Third Party Account (including, but not limited to, for the purposes described herein), without breach by you of any of the terms and conditions that govern your use of the applicable Third Party Account and without obligating us to pay any fees or making us subject to any usage limitations imposed by the applicable Third Party Site service provider.
PURPOSE OF COLLECTION:
We may collect and use the Information to deliver the Services, to identify and troubleshoot problems with the Services, and to improve the Services.
We make all efforts to ensure that we collect only such Information that we believe to be relevant in order to support and facilitate provision of Services, including but not limited to:
- Process and respond to End-User’s queries;
- Understand the End-Users’ requirements;
- Diagnose technical glitches;
- Provide End-Users with customer support;
- Allow End-Users to access or participate in interactive features offered through the Services;
- In any other way that Ultrahuman specifies at the time of seeking information from End-Users;
- For processing of statistics for advertising, affiliate marketing and analytics;
- To investigate fraud or abuse;
- For any other purpose with the End-User’s consent.
We are not in the business of selling Information to Third Parties for the above purposes, and all Information shared with Third Parties in relation to the above purposes, will be on a no-name aggregate basis.
PRINCIPLES OF PROCESSING:
We will not process Information in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by you or collect any Information that is not needed for the mentioned purposes. For any new purpose of processing we will ask your separate explicit consent. To the extent necessary for those purposes, we take all reasonable steps to ensure that Information is reliable for its intended use, accurate, complete, and current. We also undertake to collect only such amounts and types of Information that is strictly needed for the mentioned purposes.
We may also disclose Information when we respond to valid legal processes. In the event we are required to respond to subpoenas, court orders or other legal process, your Information may be disclosed pursuant to such subpoena, court order or legal process, which may be without notice to you. We may also disclose Information when reasonably necessary to preserve our legal rights.
We use Third-Party service providers to help us provide portions of the Services and give support. They only receive Information needed to provide their services. We have agreements with our service providers that say they cannot use any of this Information for their own purposes or for the purposes of another third party. We prohibit our service providers from selling Information they receive from us or receive on our behalf. We require service providers to use Information only in order to perform the services we have hired them to do (unless otherwise required by law).
We may also share your Information (including your SPDI) in any circumstances where we have your prior consent.
HOW WE PROTECT INFORMATION:
We maintain appropriate administrative, technical, and physical safeguards to protect your Information from accidental, unlawful, or unauthorized destruction, loss, alteration, access, disclosure, or use and other unlawful forms of processing. We implement appropriate physical, electronic and managerial procedures to safeguard and help prevent unauthorized access and for the purposes of maintaining Information security. For when we collect debit card, credit card or other sensitive payment details, we will ensure compliance with the payment card industry standard (PCI standard) and also use SSL secured communication channels, encryption, passwords and physical security measures in order to protect the Information and SPDI of End-Users.
ACCESS TO THIRD-PARTY:
We do not sell or share your Information to any Third Party i.e. marketing companies, agencies, advertisers or any similar companies in exchange of fees/payments. We also do not share or allow any Third-Party to use your Information stored with us for any other purpose except consented by you or if required under any legal obligations.
However, we do use certain standard advertising tools on our marketing sites which, provided you have allowed it in your cookie preferences, sends Information to the tool providers, such as Google. We provide a “Do Not Sell My Personal Information” link at the bottom of our marketing sites. You can use this link to change your Cookie Preferences and opt out of the use of these advertising tools. If you opt out, Information that was used by these tools will no longer be shared with Third Parties.
We may engage Third-Party processors to perform particular operations with your Information for us. Such Third-Party processors are companies that help us operate the Services, support our communication with you or perform other Services-related activities. They may process certain Information on our behalf to accomplish the goals related to the Service functions and associated activities. Third-Party processors act only in accordance with our instructions and process only such amount of Information as we instruct them to process. We remain fully liable for any acts or omissions of our Third-Party processors and undertake to execute formal data processing agreements with them to the extent required by applicable law.
We will only retain your Information for as long as necessary to fulfil the purposes described above. We may also retain your Information, if necessary, for our legitimate business interests, such as fraud prevention or to maintain the security of our users. If you have elected to receive marketing communications from us, we will retain Information about your marketing preferences for a reasonable period of time, which will be calculated based on the date you last expressed interest in our content, products, or Services.
We will take reasonable steps to accurately record the Information that you provide to us including any subsequent updates. You can review, update and amend the Information that we maintain about you, and you may request we delete Information about you that is inaccurate, incomplete or irrelevant for legitimate purposes, or is being processed in a way which infringes any applicable legal requirement.
DATA SUBJECT RIGHTS:
For the purposes of EU's General Data Protection Regulation ("GDPR") and California Consumer Privacy Act ("CCPA"), our users are the decision maker, for the Information, and we act for, and at the direction of, our users. We are typically required to follow our users' instructions about Information we hold for that user.
If you are an EEA, Swiss, or UK resident, you may have the right to access your Information, the right to correct your Information, the right to request deletion of your Information, the right to request restricted processing of your Information, the right to a portable copy of the Information you have provided, and the right to object to processing of your Information, such as for direct marketing. You can exercise the rights granted under the GDPR by raising a request to our Data Protection Officer firstname.lastname@example.org.
If you are a California resident, you can request Information that we may have collected about you in the previous twelve months, the reason we collected it, the category of entities with whom we have shared it and the reason for any disclosure, by writing to us email@example.com.
The Company is based in India, and Information we collect is governed by Indian laws. Please be advised that Indian law and laws of other countries may not offer the same protections as the law of your jurisdiction.
In addition, you agree that Information collected may be stored and processed in India, or in any other country in which the Company or its affiliates, subsidiaries or agents rents servers, maintain facilities, and by using the Services, you consent to any such transfer of Information outside of your country.
Reasonable security measures are in place to help protect against the loss, misuse and alteration of the Information under our control. We promote safety and security on and off our Services, such as by investigating suspicious activity or violations of our Terms of Service and to ensure our Services are being used legally. If we do detect something risky that would compromise on your privacy and security, we shall notify you by updating our terms and help guide you through steps to stay better protected.
We shall take complete measures to safeguard you and our Services from unauthorized access, alteration, disclosure, or destruction of Information we hold, including:
- Use of encryption to keep your Information private while in transit;
- Timely review of our Information collection, storage, and processing practices, including physical security measures, to prevent unauthorized access to our systems;
ASSIGNMENT AND TRANSFER:
LAW AND PROTECTION:
MODIFICATIONS TO THIS POLICY:
Ultrahuman Healthcare Private Limited is located at 1st Floor, Gopalakrishna Complex #45/3, Residency Road Bangalore 560025, Karnataka, India.